General
Target: Injector.exe
Size: 16.3MB
Sample: 241223-wrerzswrgl
MD5: e0ec4f575f876e515f7f56e372fa1142
SHA1: 7a7a5a5fa0b2fa8a6a782f9f27344a1db40fb859
SHA256: 43725dbdc733f409e34f9cd8c2daceb2d1b5c2baa2a5663452166522ff794586
SHA512: d03bf3ff1182c1764dc8e912229b0bf202660f29356890777bd36864a96b8509e8c44a2d2b9100041fa591f50f0609d43e8519f61fdcf8517827deacd9f3735f
SSDEEP: 393216:I9YimSsewq3Obs2CltXMCHWUjurRQ7XbFsn6dEahcyorChF9DA33JX2E:I9YimRewq3ObRqtXMb8urRQ766dhcyo7
Behavioral task: behavioral1
Sample: Injector.exe
Resource: win7-20241023-en

Behavioral task: behavioral2
Sample: Injector.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: Injector.exe
Size: 16.3MB
Score: 7/10

Signatures
- Drops startup file
- Loads dropped DLL
- Unsecured Credentials: Credentials In Files
  Steal credentials from unsecured files.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Enumerates processes with tasklist